From: H.J. Lu <hjl.tools@gmail.com>
Date: Thu, 4 Apr 2024 13:37:18 +0000 (-0700)
Subject: bfd_mmap_local: Check offset and size
X-Git-Tag: gdb-15-branchpoint~486
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=0ffdc37b98964477e70bfd63ca28f374193dcdb2;p=thirdparty%2Fbinutils-gdb.git

bfd_mmap_local: Check offset and size

Update bfd_mmap_local to return NULL if filesize < offset or filesize -
offset < rsize.

	* libbfd.c (bfd_mmap_local): Validate offset and size against
	the file size.
---

diff --git a/bfd/libbfd.c b/bfd/libbfd.c
index 5126ee207a8..86366e496c5 100644
--- a/bfd/libbfd.c
+++ b/bfd/libbfd.c
@@ -1072,18 +1072,15 @@ static void *
 bfd_mmap_local (bfd *abfd, size_t rsize, int prot, void **map_addr,
 		size_t *map_size)
 {
-  if (!_bfd_constant_p (rsize))
+  ufile_ptr filesize = bfd_get_file_size (abfd);
+  ufile_ptr offset = bfd_tell (abfd);
+  if (filesize < offset || filesize - offset < rsize)
     {
-      ufile_ptr filesize = bfd_get_file_size (abfd);
-      if (filesize != 0 && rsize > filesize)
-	{
-	  bfd_set_error (bfd_error_file_truncated);
-	  return NULL;
-	}
+      bfd_set_error (bfd_error_file_truncated);
+      return NULL;
     }
 
   void *mem;
-  ufile_ptr offset = bfd_tell (abfd);
   mem = bfd_mmap (abfd, NULL, rsize, prot, MAP_PRIVATE, offset,
 		  map_addr, map_size);
   return mem;